From ddc0ad61ee509e6bfd0e4aa8920071cb36693140 Mon Sep 17 00:00:00 2001
From: Michał Górny
Date: Thu, 26 Jul 2018 08:59:41 +0200
Subject: openpgp: Process import status instead of export, for GnuPG-1.4
GnuPG 1.4 does not print machine-readable data when exporting keys. Rework the WKD code to process the data on import instead. This means that keys will be imported via WKD even if not all were exported -- however, that should cause no harm as invalid data still will not be accepted.
---
 gemato/openpgp.py | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/gemato/openpgp.py b/gemato/openpgp.py
index 0744399..2329482 100644
--- a/gemato/openpgp.py
+++ b/gemato/openpgp.py
@@ -296,24 +296,24 @@ disable-scdaemon
 return False
 # otherwise, xfer the keys
- exitst, out, err = subenv._spawn_gpg(['--status-fd', '2',
- '--export'] + list(keys), '')
+ exitst, out, err = subenv._spawn_gpg(['--export'] + list(keys), '')
 if exitst != 0:
 return False
+ exitst, out, err = self._spawn_gpg(['--import',
+ '--status-fd', '1'], out)
+ if exitst != 0:
+ # there's no valid reason for import to fail here
+ raise gemato.exceptions.OpenPGPKeyRefreshError(err.decode('utf8'))
+
 # we need to explicitly ensure all keys were fetched
- for l in err.splitlines():
- if l.startswith(b'[GNUPG:] EXPORTED'):
- fpr = l.split(b' ')[2].decode('ASCII')
+ for l in out.splitlines():
+ if l.startswith(b'[GNUPG:] IMPORT_OK'):
+ fpr = l.split(b' ')[3].decode('ASCII')
 keys.remove(fpr)
 if keys:
 return False
- exitst, out2, err = self._spawn_gpg(['--import'], out)
- if exitst != 0:
- # there's no valid reason for import to fail here
- raise gemato.exceptions.OpenPGPKeyRefreshError(err.decode('utf8'))
-
 return True
 def refresh_keys_keyserver(self, keyserver=None):
--
cgit v1.2.3
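Review bot: `keys.remove(fpr)` in the new IMPORT_OK loop raises if GnuPG reports a fingerprint that is not, or is no longer, in `keys` (for example should the same key be reported twice), and `l.split(b' ')[3]` raises IndexError on a short status line; either escapes as an unexpected exception rather than the `False` / `OpenPGPKeyRefreshError` outcomes this code otherwise produces. Because the status lines now come from importing WKD-fetched data into the main keyring, I would guard the lookup with `if fpr in keys: keys.remove(fpr)` and skip lines with fewer than four fields. It would also help to put a comment above the `--import` call, such as `# import runs before the completeness check: a partial WKD result still modifies the keyring, then returns False`, so the ordering described in the commit message is visible in the code. The enclosing function starts before this hunk, so how `keys` is built and what case its fingerprints use is not visible here.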